f36560a6ef6244fa1d75187243ec8c30223a7f84fdd6c12d759182dac187b775 | Triage

Submit
Reports

Overview

overview

Static

static

f36560a6ef...75.exe

windows7-x64

f36560a6ef...75.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f36560a6ef6244fa1d75187243ec8c30223a7f84fdd6c12d759182dac187b775.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

f36560a6ef6244fa1d75187243ec8c30223a7f84fdd6c12d759182dac187b775.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f36560a6ef6244fa1d75187243ec8c30223a7f84fdd6c12d759182dac187b775
Size

388KB
MD5

607fb880987ce385a9bfec7141d3775c
SHA1

fbb6cc5bd84af07b437d89c5af8baad5fd9c4069
SHA256

f36560a6ef6244fa1d75187243ec8c30223a7f84fdd6c12d759182dac187b775
SHA512

e1abf303986d74fa90988a794ea838b481a13c683a4732678a7c93c879e3f3c7dea4343b34498c9221b92d4ea057546b93887f167ba108b41488ffdaaeeff138
SSDEEP

6144:175te0N3bYeKw2Dido9g1Suu1nwtcsA9wr9hbXLIvWBbmuA5Pwf:1+0hz2g1SV1nwtcsCUhbXLIvqKuA+

Score

N/A

Malware Config

Signatures

Files

f36560a6ef6244fa1d75187243ec8c30223a7f84fdd6c12d759182dac187b775
.exe windows x86

8cb7c4b48b34954d337e17233a0e9055

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
SetFilePointer
GetDriveTypeW
SetFileTime
InterlockedExchange
GetModuleFileNameA
GetProcessHeap
CreateFileW
GlobalFlags
GetConsoleMode
DeleteFileW
GetFileAttributesA
PulseEvent
FindAtomW
GetModuleHandleA
OpenEventA
DeleteFileW
CreateFileW
GetCurrentThreadId
VirtualProtectEx
HeapDestroy
GetProcessVersion
LeaveCriticalSection
GetVolumePathNameA
OpenMutexA

user32

SetFocus
DispatchMessageA
GetWindowLongA
MessageBoxA
GetWindowLongA
wsprintfA
IsMenu
SetRect
PeekMessageA
DestroyIcon
DestroyMenu
LoadCursorA
GetWindowTextA

dot3msm

DllMain
Dot3MsmFreeProfile
Dot3MsmDisconnect
Dot3MsmDeInit

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy